Merge pull request #1153 from sharelatex/spd-open-in-overleaf-local-storage

Use browser local storage instead of session for tex snippets GitOrigin-RevId: 9609dc882c37ccd2f58bf6d36ea851bbe746fa25
2025-04-06 10:01:28 +00:00 · 2018-11-26 16:14:14 +00:00 · 2018-11-26 16:14:14 +00:00 · 50cba1a86f
commit 50cba1a86f
parent 87409d4b6a
9 changed files with 37 additions and 37 deletions
--- a/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
+++ b/services/web/app/coffee/Features/Authentication/AuthenticationController.coffee
@ -203,7 +203,7 @@ module.exports = AuthenticationController =
 			return next()
 		else
 			logger.log url:req.url, "user trying to access endpoint not in global whitelist"
-			AuthenticationController._setRedirectInSession(req)
+			AuthenticationController.setRedirectInSession(req)
 			return res.redirect "/login"

 	httpAuth: basicAuth (user, pass)->
@ -212,6 +212,16 @@ module.exports = AuthenticationController =
 			logger.err user:user, pass:pass, "invalid login details"
 		return isValid

+	setRedirectInSession: (req, value) ->
+		if !value?
+			value = if Object.keys(req.query).length > 0 then "#{req.path}?#{querystring.stringify(req.query)}" else "#{req.path}"
+		if (
+			req.session? &&
+				!/^\/(socket.io|js|stylesheets|img)\/.*$/.test(value) &&
+				!/^.*\.(png|jpeg|svg)$/.test(value)
+		)
+			req.session.postLoginRedirect = value
+
 	_redirectToLoginOrRegisterPage: (req, res)->
 		if (req.query.zipUrl? or req.query.project_name? or req.path == '/user/subscription/new')
 			return AuthenticationController._redirectToRegisterPage(req, res)
@ -220,14 +230,14 @@ module.exports = AuthenticationController =

 	_redirectToLoginPage: (req, res) ->
 		logger.log url: req.url, "user not logged in so redirecting to login page"
-		AuthenticationController._setRedirectInSession(req)
+		AuthenticationController.setRedirectInSession(req)
 		url = "/login?#{querystring.stringify(req.query)}"
 		res.redirect url
 		Metrics.inc "security.login-redirect"

 	_redirectToRegisterPage: (req, res) ->
 		logger.log url: req.url, "user not logged in so redirecting to register page"
-		AuthenticationController._setRedirectInSession(req)
+		AuthenticationController.setRedirectInSession(req)
 		url = "/register?#{querystring.stringify(req.query)}"
 		res.redirect url
 		Metrics.inc "security.login-redirect"
@ -245,16 +255,6 @@ module.exports = AuthenticationController =
 		Metrics.inc "user.login.failed"
 		callback()

-	_setRedirectInSession: (req, value) ->
-		if !value?
-			value = if Object.keys(req.query).length > 0 then "#{req.path}?#{querystring.stringify(req.query)}" else "#{req.path}"
-		if (
-			req.session? &&
-			!/^\/(socket.io|js|stylesheets|img)\/.*$/.test(value) &&
-			!/^.*\.(png|jpeg|svg)$/.test(value)
-		)
-			req.session.postLoginRedirect = value
-
 	_getRedirectFromSession: (req) ->
 		return req?.session?.postLoginRedirect || null

--- a/services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee
+++ b/services/web/app/coffee/Features/Authorization/AuthorizationMiddlewear.coffee
@ -117,5 +117,5 @@ module.exports = AuthorizationMiddlewear =
 			logger.log {from: from}, "redirecting to login"
 			redirect_to = "/login"
 			if from?
-				AuthenticationController._setRedirectInSession(req, from)
+				AuthenticationController.setRedirectInSession(req, from)
 			res.redirect redirect_to
--- a/services/web/app/coffee/Features/SudoMode/SudoModeMiddlewear.coffee
+++ b/services/web/app/coffee/Features/SudoMode/SudoModeMiddlewear.coffee
@ -21,5 +21,5 @@ module.exports = SudoModeMiddlewear =
 				return next()
 			else
 				logger.log {userId}, "[SudoMode] sudo mode not active, redirecting"
-				AuthenticationController._setRedirectInSession(req)
+				AuthenticationController.setRedirectInSession(req)
 				return res.redirect('/confirm-password')
--- a/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
+++ b/services/web/app/coffee/Features/TokenAccess/TokenAccessController.coffee
@ -60,7 +60,7 @@ module.exports = TokenAccessController =
 					else
 						logger.log {token, projectId: project._id},
 							"[TokenAccess] deny anonymous read-and-write token access"
-						AuthenticationController._setRedirectInSession(req)
+						AuthenticationController.setRedirectInSession(req)
 						return res.redirect('/restricted')
 				if project.owner_ref.toString() == userId
 					logger.log {userId, projectId: project._id},
--- a/services/web/app/coffee/Features/User/UserPagesController.coffee
+++ b/services/web/app/coffee/Features/User/UserPagesController.coffee
@ -51,7 +51,7 @@ module.exports =
 		# such as being sent from the editor to /login, then set the redirect explicitly
 		if req.query.redir? and !AuthenticationController._getRedirectFromSession(req)?
 			logger.log {redir: req.query.redir}, "setting explicit redirect from login page"
-			AuthenticationController._setRedirectInSession(req, req.query.redir)
+			AuthenticationController.setRedirectInSession(req, req.query.redir)
 		res.render 'user/login',
 			title: 'login',
 			email: req.query.email
--- a/services/web/test/unit/coffee/Authentication/AuthenticationControllerTests.coffee
+++ b/services/web/test/unit/coffee/Authentication/AuthenticationControllerTests.coffee
@ -491,10 +491,10 @@ describe "AuthenticationController", ->
 		beforeEach ->
 			@req.headers = {}
 			@AuthenticationController.httpAuth = sinon.stub()
-			@_setRedirect = sinon.spy(@AuthenticationController, '_setRedirectInSession')
+			@setRedirect = sinon.spy(@AuthenticationController, 'setRedirectInSession')

 		afterEach ->
-			@_setRedirect.restore()
+			@setRedirect.restore()

 		describe "with white listed url", ->
 			beforeEach ->
@ -540,7 +540,7 @@ describe "AuthenticationController", ->
 				@AuthenticationController.requireGlobalLogin @req, @res, @next

 			it 'should have called setRedirectInSession', ->
-				@_setRedirect.callCount.should.equal 1
+				@setRedirect.callCount.should.equal 1

 			it "should redirect to the /login page", ->
 				@res.redirectedTo.should.equal "/login"
@ -640,18 +640,18 @@ describe "AuthenticationController", ->
 			@callback.called.should.equal true


-	describe '_setRedirectInSession', ->
+	describe 'setRedirectInSession', ->
 		beforeEach ->
 			@req = {session: {}}
 			@req.path = "/somewhere"
 			@req.query = {one: "1"}

 		it 'should set redirect property on session', ->
-			@AuthenticationController._setRedirectInSession(@req)
+			@AuthenticationController.setRedirectInSession(@req)
 			expect(@req.session.postLoginRedirect).to.equal "/somewhere?one=1"

 		it 'should set the supplied value', ->
-			@AuthenticationController._setRedirectInSession(@req, '/somewhere/specific')
+			@AuthenticationController.setRedirectInSession(@req, '/somewhere/specific')
 			expect(@req.session.postLoginRedirect).to.equal "/somewhere/specific"

 		describe 'with a png', ->
@ -659,7 +659,7 @@ describe "AuthenticationController", ->
 				@req = {session: {}}

 			it 'should not set the redirect', ->
-				@AuthenticationController._setRedirectInSession(@req, '/something.png')
+				@AuthenticationController.setRedirectInSession(@req, '/something.png')
 				expect(@req.session.postLoginRedirect).to.equal undefined

 		describe 'with a js path', ->
@ -668,7 +668,7 @@ describe "AuthenticationController", ->
 				@req = {session: {}}

 			it 'should not set the redirect', ->
-				@AuthenticationController._setRedirectInSession(@req, '/js/something.js')
+				@AuthenticationController.setRedirectInSession(@req, '/js/something.js')
 				expect(@req.session.postLoginRedirect).to.equal undefined

 	describe '_getRedirectFromSession', ->
--- a/services/web/test/unit/coffee/SudoMode/SudoModeMiddlewearTests.coffee
+++ b/services/web/test/unit/coffee/SudoMode/SudoModeMiddlewearTests.coffee
@ -13,7 +13,7 @@ describe 'SudoModeMiddlewear', ->
 			isSudoModeActive: sinon.stub()
 		@AuthenticationController =
 			getLoggedInUserId: sinon.stub().returns(@userId)
-			_setRedirectInSession: sinon.stub()
+			setRedirectInSession: sinon.stub()
 		@SudoModeMiddlewear = SandboxedModule.require modulePath, requires:
 			'./SudoModeHandler': @SudoModeHandler
 			'../Authentication/AuthenticationController': @AuthenticationController
@ -54,7 +54,7 @@ describe 'SudoModeMiddlewear', ->

 		describe 'when sudo mode is not active', ->
 			beforeEach ->
-				@AuthenticationController._setRedirectInSession = sinon.stub()
+				@AuthenticationController.setRedirectInSession = sinon.stub()
 				@AuthenticationController.getLoggedInUserId = sinon.stub().returns(@userId)
 				@SudoModeHandler.isSudoModeActive = sinon.stub().callsArgWith(1, null, false)

@ -71,8 +71,8 @@ describe 'SudoModeMiddlewear', ->

 			it 'should set redirect in session', (done) ->
 				@call () =>
-					@AuthenticationController._setRedirectInSession.callCount.should.equal 1
-					@AuthenticationController._setRedirectInSession.calledWith(@req).should.equal true
+					@AuthenticationController.setRedirectInSession.callCount.should.equal 1
+					@AuthenticationController.setRedirectInSession.calledWith(@req).should.equal true
 					done()

 			it 'should redirect to the password-prompt page', (done) ->
--- a/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee
+++ b/services/web/test/unit/coffee/TokenAccess/TokenAccessControllerTests.coffee
@ -61,7 +61,7 @@ describe "TokenAccessController", ->
 				@TokenAccessHandler.addReadAndWriteUserToProject = sinon.stub()
 					.callsArgWith(2, null)
 				@ProjectController.loadEditor = sinon.stub()
-				@AuthenticationController._setRedirectInSession = sinon.stub()
+				@AuthenticationController.setRedirectInSession = sinon.stub()
 				@TokenAccessController.readAndWriteToken @req, @res, @next

 			it 'should try to find a project with this token', (done) ->
@ -173,7 +173,7 @@ describe "TokenAccessController", ->
 						.callsArgWith(2, null)
 					@ProjectController.loadEditor = sinon.stub()
 					@TokenAccessHandler.grantSessionTokenAccess = sinon.stub()
-					@AuthenticationController._setRedirectInSession = sinon.stub()
+					@AuthenticationController.setRedirectInSession = sinon.stub()
 					@TokenAccessController.readAndWriteToken @req, @res, @next

 				it 'should not add the user to the project with read-write access', (done) ->
@ -192,8 +192,8 @@ describe "TokenAccessController", ->
 					done()

 				it 'should set redirect in session', (done) ->
-					expect(@AuthenticationController._setRedirectInSession.callCount).to.equal 1
-					expect(@AuthenticationController._setRedirectInSession.calledWith(@req)).to.equal true
+					expect(@AuthenticationController.setRedirectInSession.callCount).to.equal 1
+					expect(@AuthenticationController.setRedirectInSession.calledWith(@req)).to.equal true
 					done()

 				it 'should redirect to restricted page', (done) ->
--- a/services/web/test/unit/coffee/User/UserPagesControllerTests.coffee
+++ b/services/web/test/unit/coffee/User/UserPagesControllerTests.coffee
@ -28,7 +28,7 @@ describe "UserPagesController", ->
 			getLoggedInUserId: sinon.stub().returns(@user._id)
 			getSessionUser: sinon.stub().returns(@user)
 			_getRedirectFromSession: sinon.stub()
-			_setRedirectInSession: sinon.stub()
+			setRedirectInSession: sinon.stub()
 		@UserPagesController = SandboxedModule.require modulePath, requires:
 			"settings-sharelatex": @settings
 			"logger-sharelatex":
@ -92,13 +92,13 @@ describe "UserPagesController", ->

 			beforeEach ->
 				@AuthenticationController._getRedirectFromSession = sinon.stub().returns(null)
-				@AuthenticationController._setRedirectInSession = sinon.stub()
+				@AuthenticationController.setRedirectInSession = sinon.stub()
 				@req.query.redir = '/somewhere/in/particular'

 			it 'should set a redirect', (done) ->
 				@res.render = (page) =>
-					@AuthenticationController._setRedirectInSession.callCount.should.equal 1
-					expect(@AuthenticationController._setRedirectInSession.lastCall.args[1]).to.equal @req.query.redir
+					@AuthenticationController.setRedirectInSession.callCount.should.equal 1
+					expect(@AuthenticationController.setRedirectInSession.lastCall.args[1]).to.equal @req.query.redir
 					done()
 				@UserPagesController.loginPage @req, @res